David Shipley is the CEO and Co-Founder of Beauceron Security Inc., a New Brunswick-based cybersecurity software firm with clients across North America. David is a certified information security manager and frequently writes and speaks about cybersecurity issues across North America. Over the summer he is exploring a variety of cybersecurity issues in a weekly column for CBC Radio New Brunswick.
Imagine driving your pickup truck off-road and suddenly having your airbags and seat belts malfunction because of an object striking the undercarriage. That causes a software error in your smart vehicle, causing the computer to incorrectly turn off critical equipment that protects you.
Sounds far fetched?
It shouldn’t. It’s part of a recall notice that affected more than 200,000 Dodge Ram trucks in Canada and a million in the United States. Fiat Chrsyler issued the recall in May and is aware of one death and two injuries as well as two accidents that may be related to the issue.
It’s just the latest safety issue affecting cars and trucks made by a variety of auto makers over the past few years. The most stunning hack to date happened in 2015.
Two years ago security researchers demonstrated they could remotely hack a 2015 Jeep Cherokee over the internet and take control of its systems as well as disable its transmission and interfere with its steering and brakes.
After that hack was announced, there was a lot of talk about the need for new laws to regulate cybersecurity in vehicles. Unfortunately, it only ever amounted to talk.
Why are cars so hackable?
No one set out to make a hackable internet-connected vehicle that could be turned into a weapon.
In fact, the first steps towards this disaster had nothing to do with connecting the car to the internet.
The first steps had to do with introducing entertainment technology in order to raise the perceived value proposition…